I’ve been sucessfully using the Accounts package together with the service configuration package in order to log in via OAuth for quite some time now. Recently I added a production environment to another domain for my app. The application is based on Angular and uses Meteor Client Bundler for Meteor communication.
Now there is domain1 which is my development environment and domain2 for production.
Since these environments don’t share the same host logging in at the production environment doesn’t work and produces the following error:
(oauth_server.js:403) Error in OAuth Server: redirectUrl (domain2) is not on the same host as the app (domain1)
After taking a look at oauth_server.js which is located within .meteor/local/build/programs/server/packages I found the issue:
if (details.loginStyle === 'redirect') {
redirectUrl = OAuth._stateFromQuery(details.query).redirectUrl;
const appHost = Meteor.absoluteUrl();
if (OAuth._checkRedirectUrlOrigin(redirectUrl)) {
details.error = "redirectUrl (".concat(redirectUrl) + ") is not on the same host as the app (".concat(appHost, ")");
redirectUrl = appHost;
}
}
The obvious solution would be to just comment out the redirectUrl change, however after doing that and restarting the Meteor server nothing changes. This happens because the file gets overwritten after restarting Meteor.
So is there a good way to keep the file change? I thought about building OAuth as a local package but I am not sure if this is the best approach for this situation and maybe there is a better solution.
At a later stage I want to host multiple apps on different domains that are all using one Meteor server for the login process so i need to allow logins from different hosts. Any help is really appreciated.